<?php
// Stop immediately when this file is requested directly: BASEPATH is
// presumably defined by the framework's front controller before any
// controller file is loaded (not visible from this file).
defined('BASEPATH') or exit('No direct script access allowed');

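/**
 * Mobile "change password" controller.
 *
 * index() renders the change-password form and set() processes it. Both
 * require a logged-in session (a positive user_id inside the 'ych_user'
 * session entry); otherwise a message page pointing at the login page is shown.
 *
 * Security notes for maintainers:
 *  - Passwords are stored as md5(md5($password)), an unsalted fast hash. The
 *    storage format is kept here because code outside this file has to agree
 *    with it (presumably the login path; verify); moving to
 *    password_hash()/password_verify() needs a coordinated migration.
 *  - NOTE(review): nothing in this file invalidates other sessions of the same
 *    account after a password change, and CSRF protection is not visible from
 *    here; confirm both are handled by the framework configuration.
 */
class Pwd extends CI_Controller {

	/**
	 * Show the change-password form, or a "please log in" message when there
	 * is no logged-in user in the session.
	 */
	function index(){
		if($this->_current_user_id() > 0){
			$this->load->view('mobile/pwd');
		}else{
			$this->_show_msg('请先登录', '前往登录页', '/mobile/login.html');
		}
	}

	/**
	 * Handle the change-password form.
	 *
	 * Reads old_pwd, new_pwd and new_pwd2 from POST, validates them, verifies
	 * the old password against the stored hash, updates the local user row and
	 * then pushes the new password to UCenter. Every outcome renders the
	 * 'mobile/msg' view with a message and a follow-up link.
	 */
	function set(){
		$user_id = $this->_current_user_id();
		if( ! ($user_id > 0)){
			$this->_show_msg('请先登录', '前往登录页', '/mobile/login.html');
			return;
		}

		$back = '/mobile/pwd.html';
		$oldPwd = $this->input->post('old_pwd');
		$newPwd = $this->input->post('new_pwd');
		$newPwd2 = $this->input->post('new_pwd2');

		// A client can submit old_pwd[]=... and turn a field into an array;
		// md5() and the string offset check below are only meaningful on
		// strings, so anything else is treated as "not supplied".
		if( ! is_string($oldPwd)){
			$oldPwd = '';
		}
		if( ! is_string($newPwd)){
			$newPwd = '';
		}

		if( ! $oldPwd){
			$this->_show_msg('请输入旧密码', '返回', $back);
			return;
		}
		if( ! $newPwd){
			$this->_show_msg('新密码不能为空', '返回', $back);
			return;
		}
		// Minimum length of 6 bytes (offset 5 must exist).
		if( ! isset($newPwd[5])){
			$this->_show_msg('新密码长度不够', '返回', $back);
			return;
		}
		// Strict comparison: with != two different numeric-looking strings
		// such as "1000000" and "1e6" compare equal, so the confirmation
		// field would not actually confirm what gets stored.
		if($newPwd !== $newPwd2){
			$this->_show_msg('新密码输入不一致', '返回', $back);
			return;
		}

		$this->load->model('User_model', 'user');
		$account = $this->user->get_by_uid($user_id);
		$stored = isset($account['password']) ? $account['password'] : null;

		// Strict comparison: == compares two numeric-looking hex digests
		// (e.g. both starting with "0e" followed by digits only) as numbers,
		// which lets unrelated passwords match. A missing user row or a
		// non-string stored value is rejected like a wrong password.
		if( ! is_string($stored) || md5(md5($oldPwd)) !== $stored){
			$this->_show_msg('旧密码不正确', '返回', $back);
			return;
		}

		$res = $this->user->update(array('password'=>md5(md5($newPwd))),array('user_id'=>$user_id));

		// NOTE(review): the local row is updated before the UCenter sync and
		// the result page depends on $res only, so a failed sync leaves the
		// two password stores out of step without any visible error.
		$this->_sync_uc_password($account['username'], $oldPwd, $newPwd);

		if($res){
			$this->_show_msg('操作成功', '返回用户中心', '/mobile/ucenter.html');
		}else{
			$this->_show_msg('操作失败', '返回', $back);
		}
	}

	/**
	 * Return the logged-in user's id from the 'ych_user' session entry, or 0
	 * when no positive user_id is present.
	 */
	private function _current_user_id(){
		$user = $this->session->userdata('ych_user');
		if(isset($user['user_id']) && $user['user_id'] > 0){
			return $user['user_id'];
		}
		return 0;
	}

	/**
	 * Render the shared 'mobile/msg' view.
	 *
	 * @param string $msg       Message text shown to the user.
	 * @param string $url_title Label of the follow-up link.
	 * @param string $url_next  Target of the follow-up link.
	 */
	private function _show_msg($msg, $url_title, $url_next){
		$ret = array(
			'msg' => $msg,
			'url_title' => $url_title,
			'url_next' => $url_next,
		);
		$this->load->view('mobile/msg',$ret);
	}

	/**
	 * Push a password change to UCenter and rewrite the salted hash in the
	 * members table.
	 *
	 * The includes run inside this method, so the variables config.inc.php
	 * defines ($dbhost, $tablepre, ...) are local to it.
	 *
	 * @param string $uc_username Account name as stored in the local user row.
	 * @param string $oldPwd      Current plaintext password.
	 * @param string $newPwd      New plaintext password.
	 */
	private function _sync_uc_password($uc_username, $oldPwd, $newPwd){
		// Change the password in UCenter.
		include './config.inc.php';
		include './uc_client/client.php';
		$int = uc_user_edit($uc_username, $oldPwd, $newPwd, '');
		// NOTE(review): UCenter documents negative return codes for failures;
		// those are truthy here as well, so the direct update below also runs
		// after a failed uc_user_edit(). Confirm that this is intended.
		if($int){
			require_once './include/db_mysql.class.php';
			$db = new dbstuff;
			$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset ? $dbcharset : 'utf-8');
			// The username is data read back from the user table, not a
			// constant; interpolated raw, a quote character in it would change
			// the statement (second-order SQL injection). addslashes() is the
			// only escaping available without assuming more of the dbstuff
			// API; it is not reliable on multibyte connection charsets such as
			// GBK, so prefer the driver's own escaping or a prepared statement
			// if the DB layer offers one.
			$safeName = addslashes($uc_username);
			$tmpRow = $db->fetch_first("SELECT * FROM ".$tablepre."members WHERE username='{$safeName}'");
			// Without a members row there is no salt to hash with and nothing
			// to update.
			if($tmpRow){
				$newUcPwd = md5(md5($newPwd).$tmpRow['salt']);
				$db->query("UPDATE ".$tablepre."members SET password='$newUcPwd' WHERE username='{$safeName}'");
			}
		}
	}

}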